mobility and firewall
Christoph Georgi
christoph.georgi at web.de
Sat Jun 4 01:42:57 CDT 2005
Dmitriy Kropivnitskiy wrote:
<snip>
>
> What do you mean by this? If you mean something like "Only
> mozilla-firefox can connect to port 80" it is rather difficult. The only
> way I see to do something like this transparently is to use netlink
> interface of netfilter. Unfortunately it is a bit under-documented and I
> am not sure how well it is supported.
>
$IPTABLES -A OUTPUT -p TCP --dport http -m owner --cmd-owner firefox -j ACCEPT
$IPTABLES -A OUTPUT -p TCP --dport http -m owner --cmd-owner firefox-bin -j ACCEPT
That should do the trick?!
christoph
--
Christoph Georgi
-----------------------------
email. christoph.georgi at web.de
fon. +64 (0)9 815 8259
registered linux user #380268
ubuntu 5.04 (ubuntu.com)
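
An added example, not part of the original message: `--cmd-owner` compares only the process command name and was removed from the kernel's owner match in Linux 2.6.14, so a per-application egress rule is usually keyed on `--uid-owner` instead. The dedicated browser account, UID 1001 and the port list are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread: print (never apply) OUTPUT rules that
# allow outbound TCP to the given ports only for one numeric UID.
# Assumption: the browser runs under a dedicated account with that UID.
IPTABLES=${IPTABLES:-iptables}

# usage: owner_rules UID PORT [PORT...]; returns 1 on invalid input
owner_rules() {
    uid=$1
    [ $# -ge 2 ] || { echo "usage: owner_rules UID PORT..." >&2; return 1; }
    shift
    for n in "$uid" "$@"; do
        case $n in
            ''|*[!0-9]*) echo "not numeric: '$n'" >&2; return 1 ;;
        esac
    done
    # ACCEPT rules first: the owner match only works in OUTPUT/POSTROUTING,
    # where the sending socket (and so its UID) is known.
    for port in "$@"; do
        echo "$IPTABLES -A OUTPUT -p tcp --dport $port -m owner --uid-owner $uid -j ACCEPT"
    done
    # Then refuse the same ports for every other local UID.
    for port in "$@"; do
        echo "$IPTABLES -A OUTPUT -p tcp --dport $port -j REJECT --reject-with tcp-reset"
    done
}

# Constructed sample values: UID 1001, ports 80 and 443.
owner_rules 1001 80 443
```

Review the printed rules before loading them; they are appended to OUTPUT, so any earlier ACCEPT rule in that chain still takes precedence.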